CVE-2024-40891—Zyxel DSL CPE OS Command Injection Vulnerability
PUBLISHEDvulnerability record
2025-02-11 · last modified June 21, 2025
Metadata
漏洞名称
Zyxel DSL CPE OS Command Injection Vulnerability
描述
Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.
已知用于勒索软件活动吗?
采集行动
The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization if a current mitigation is unavailable.